def test_bundle(self):
policy = 'p1234['
signature = 's1234['
bundle = Query.encode({URL.POLICY: policy, URL.SIGNATURE: signature})
query = 'age=10'
url = SignedURL('https://pulp.org/content?{b};{q}'.format(b=bundle,
q=query))
self.assertEqual(url.bundle, (policy, signature))
def test_validate(self, bundle, policy):
remote_ip = '10.1.23.11'
resource = '/content/good/stuff'
_policy = Mock(resource=resource,
expiration=0,
extensions=dict(remote_ip=remote_ip))
bundle.return_value = ('p1234[', 's1234[')
policy.validate.return_value = _policy
key = Mock()
# test
url = SignedURL('https://pulp.org{r}'.format(r=resource))
_resource = url.validate(key, remote_ip=remote_ip)
# validation
policy.validate.assert_called_once_with(key, bundle.return_value[0],
bundle.return_value[1])
self.assertEqual(_resource, resource)
def test_query(self):
bundle = Query.encode(
{
URL.POLICY: 'p1234[',
URL.SIGNATURE: 's1234['
})
query = 'age=10'
url = SignedURL('https://pulp.org/content?{b};{q}'.format(b=bundle, q=query))
self.assertEqual(url.query, query)
def test_validate_resource_not_matched(self, bundle, policy):
resource = '/content/good/stuff'
_policy = Mock(resource='bogus', expiration=0, extensions={})
bundle.return_value = ('p1234[', 's1234[')
policy.validate.return_value = _policy
key = Mock()
# test
url = SignedURL('https://pulp.org{r}'.format(r=resource))
self.assertRaises(ResourceNotMatched, url.validate, key)
def test_validate(self, bundle, policy):
remote_ip = '10.1.23.11'
resource = '/content/good/stuff'
_policy = Mock(
resource=resource,
expiration=0,
extensions=dict(remote_ip=remote_ip)
)
bundle.return_value = ('p1234[', 's1234[')
policy.validate.return_value = _policy
key = Mock()
# test
url = SignedURL('https://pulp.org{r}'.format(r=resource))
_resource = url.validate(key, remote_ip=remote_ip)
# validation
policy.validate.assert_called_once_with(
key, bundle.return_value[0], bundle.return_value[1])
self.assertEqual(_resource, resource)
def test_validate_extension_not_matched(self, bundle, policy):
remote_ip = '10.1.23.11'
resource = '/content/good/stuff'
_policy = Mock(
resource=resource,
expiration=0,
extensions=dict(remote_ip='66.1.123.10')
)
bundle.return_value = ('p1234[', 's1234[')
policy.validate.return_value = _policy
key = Mock()
# test
url = SignedURL('https://pulp.org{r}'.format(r=resource))
self.assertRaises(ExtensionNotMatched, url.validate, key, remote_ip=remote_ip)
def test_bundle_when_not_signed(self):
url = SignedURL('https://pulp.org/content')
self.assertRaises(NotSigned, getattr, url, 'bundle')
def test_query_no_signature(self):
query = 'age=10'
url = SignedURL('https://pulp.org/content?{q}'.format(q=query))
self.assertEqual(url.query, query)
def test_validate_resources_not_matched(self):
url = URL('http://redhat.com/content/jit.rpm')
url = url.sign(KEY)
content = str(url)
url = SignedURL(content.replace('content', 'free/content'))
self.assertRaises(NotValid, url.validate, PUB)
def test_no_signature(self):
url = URL('http://redhat.com/content/jit.rpm')
url = url.sign(KEY)
content = str(url)
url = SignedURL(content.replace('signature=', 'age='))
self.assertRaises(NotSigned, url.validate, PUB)
def test_signature_decoding(self):
url = URL('http://redhat.com/content/jit.rpm')
url = url.sign(KEY)
content = str(url)
url = SignedURL(content.replace('signature=', 'signature=XXX'))
self.assertRaises(DecodingError, url.validate, PUB)
def test_policy_altered(self):
url = URL('http://redhat.com/content/jit.rpm')
url = url.sign(KEY)
content = str(url)
url = SignedURL(content.replace('policy=', 'policy=1'))
self.assertRaises(PolicyNotAuthenticated, url.validate, PUB)